Tales from our Pinoy Hackers after Y2K Bug to pre-Comeleak part 2

by Nullforge Blog on February 19, 2021June 7, 2021 in Hacks, Threat Intelligence

In our previous post we talked about the the I Love You Virus, the 4’ O Clock Project, and the 1st Cybercrime conviction in the Philippines. One of the main purposes of the previous article was to clear some conspiracy stories about the hacking scene in the Philippines.

Now, I know you may have some questions about the featured image in this article. It is actually an MS-DOS virus made in Mindanao State University – Iligan Institute of Technology. It was featured in a 1997 Virus Bulletin issue. My apologies though as it somehow defeats the title of our article that says “after Y2k bug” but I think it is important in the Philippine virus writing scene. Primarily, because it existed prior to the I Love You Virus and because it can be relived through Mikko Hyponnen’s Malware Museum.

Noob Killer
Taga Lipa Are, Long Live Sowar, Jollybeecute, Funny UST Scandal, and other Filipino virus variants were annoying viruses during the Windows XP days. I still remember playing with them back in college.

Some anti-viruses do not even detect them and only in the later years. Good thing, Noob Killer was created which is a simple utility that destroys some of these Filipino virus variants.

The developer of this utility was Leerz and he is a Filipino as well whose real name is still a mystery. One thing for sure is that his utility somehow helped PC users during the XP days.

Noob Killer existed since February 2007. Geez, I feel old!

BahayKubo Gmail Keylogger
In Internet cafes, keyloggers were a pain. The most famous keylogger to have ever existed in the PH underground scene was the Bahay Kubo Gmail Keylogger by dr3yfus.

dr3yfus was active in some Filipino forum sites like pinoyhackers.com. I still remember in ROOTCON’s forum site wherein he announced (probably 2009-2010) that he was just done with his OSCP and was asking if it’s okay to take CEH.

Enter Pinoyhackers.com (2009)
pinoyhackers.com was a controversial underground forum site because it is always featured in news websites and in the television whenever a Philippine government website is defaced.

This was because some of the former and second generation members of AsianPride lurk in this forum including some new underground groups during its time like ProjectX, PrivateX, and Philker.

The funny thing though is that this forum site got defaced many times and that there was this one time wherein the logo was named as “pinayhackers.com”.

Hardware, Satellite, and Communications Hacking in the early days…
Filsat (filsat.com) and Filhacks (filhacks.com) were the forum sites where the hardware, satellite and communications hackers lurk. Filsat existed since 2006 while Filhacks started in 2008. Sad to say these forum sites are now dead.

Filsat and Filhacks were like sister forum sites because some of the moderators and members of Filsat were also moderators and members of Filhacks but one should know that these two forum sites are not administered by the same web administrators. I know this because I was a member of these two forums, I was also also a moderator of Filhacks and that I knew both of the web administrators of the said forum sites. My dad back then was also an active member of the Filsat community as he is a satellite hobbyist.

Filsat focused mostly on building a satellite hobbyist community but then it also inseminated satellite hacking in the Philippines. It pioneered Dream Satellite Hacking! Yes, its members were the reason why Dream shifted to Nagravision 3 for its encryption and also the reason why Dream went bankrupt. It was the only Filipino forum site where you can see activation keys being flashed in the forum boards. Card sharing which is illegal was also being highlighted in this forum.

Filhacks on the other hand focused on free internet connection and hacking the USB dongles, Smart Canopies, and Globe WiNaxes. Some of its members were even persecuted for selling hacked WiMaxes. It was easy to hack them from creating proxies to mac cloning.

Filipino hackers were already doing IoT and Hardware hacking pre-ComeLeak because when Globe released bm622i routers, some hardware hackers hacked it by jtagging it, reflashing it and connecting to its UART port unlike the bm622 line of routers wherein you can just telnet into them. Although there are also some ways to hack it via factory reset or telnet for some bm622i routers.

Yes, IoT and Hardware Hacking in the Philippines was already a thing even before 2012. Notice the image above?

And so I leave you guys here for now. See you on the third series of this continuing article. For more updates just visit Nullforge’s Facebook page: https://www.facebook.com/nullforgesec.

EOF

(This is a continuing article series, see part 1)